Specifies the character used to replace sensitive data. If multiple characters are specified, then the first one is used. Note: This option replaces the "transcript-cleanup-mask" option in the [settings] section, used in previous releases.

Allows unmasking sensitive data in messages from a customer. Unmasking applies only if an active agent (one that is visible to the customer) is present in the session. Coaching and monitoring agents will not see unmasked data. For active agents, only the data sent after the agent joined the session is unmasked.

Specifies the character used to replace sensitive data. If multiple characters are specified, then the first one is used. Note: This option replaces the "transcript-cleanup-mask" option in the [settings] section, used in previous releases.

Contents

Masking Sensitive Data

Chat Server logs and chat transcripts might contain sensitive data such as credit card numbers, phone numbers, Social Security numbers, and so on. You can omit this data from logs and mask it in transcripts.

Logs

To omit sensitive data from logs, you must configure both UCS and Chat Server, as follows:

In the [settings] section, set message-log-print-size to 0. This means that logs do not show the messages sent between chat participants. Where a message occurs, the log shows [truncated from size=x], where x is the number of characters in the suppressed message.

In the [log-filter-data] section,

Set StructuredText to hide so that logs will omit the transcript that UCS sends to Chat Server.

Set Transcript to hide so that logs will omit the transcript that Chat Server sends to UCS.

Chat Transcripts

Overview

Chat Server can mask sensitive data in messages during chat sessions and in saved transcripts by using a regular expression (regex) to find and substitute the data with a configurable replacement character. Regular expressions, specified for Chat Server, must use the same syntax and semantics as defined for Perl 5 (however, Privacy Manager imposes additional constrain by allowing only java.util.regex compatible expressions). When enabled this functionality will:

Examine each chat message with an ordered set of regex rules. Use the apply-config option to configure the source/location of regex rules that will be applied. Note: all options are located in the transcript-cleanup section.

Replace any part of the message that matches a regex rule with a replacement character specified by the configuration. The default is specified by the default-repchar option.

When replacing symbols you can choose to replace all symbols or only digits. When replacing digits, you can also leave the last few digits unmasked —see the default-spec option.

This functionality can be applied for the messages of an ongoing chat session and/or a transcript saved in the contact history (UCS). This is specified by the apply-area option.

Tip

Starting with release 8.5.103, Chat Server supports reading the regex rules from UCS. To do this,

To deploy PII cleanup, set apply-area to always (or to a different value based on your needs; see table below) in Chat Server transcript-cleanup options and, if needed, adjust any other options in section [transcript-cleanup].

By default only hardcoded PII rules are used (as described in Default Rules if No Configuration is Provided). However, if you need to specify your own set of rules, you need to install Privacy Manager , a plugin for Genesys Administrator Extension (GAX), which brings a set of the same default PII rules into UCS, which you can then modify and extend with your own rules.

PII cleanup is applied for:

Option apply-area value

Messages exchanged between a customer and an agent

Chat session transcript stored in UCS (contact history)

never

Unmasked

Unmasked

always

Masked

Masked

history-all or history-final

Unmasked

Masked

Unmasking Data for Active Agents

Starting with release 8.5.106, Chat Server allows to unmask (i.e. suppress masking) for sensitive data in messages from a customer. It is controlled by the settings of the unmask-live-dialog configuration option. Unmasking is applicable only in the presence of active (visible to customer) agents. Coaching and monitoring agents will not see unmasked data. For active agents, only the data sent after the agent joined the session is unmasked.

Example

Consider the following scenario (assuming that the rule for masking credit cards is enabled):

The customer initiates a chat session. Without waiting for an agent, the customer sends the credit card number in a message. The credit card number is masked out.

An agent joins the session. This agent sees the chat session transcript from the very beginning where the credit card number is masked out in the message from the customer.

The customer sends the credit card number again. Both, the agent and the customer, see it.

A second agent joins the chat session for a conference conversation. The second agent sees the chat session transcript from the very beginning where the credit card number is masked out in all messages.

The customer sends the credit card number again. Now both agents and the customer see it.

After this chat session is finished, the transcript, saved in the contact history (UCS), has all credit card numbers masked out.

Default Rules if No Configuration is Provided

If the apply-config option has a value of cfg or is set to mix and no UCS PII configuration has been provided for the given chat session, Chat Server uses the following default rules to find sensitive data:

Typing Preview

Typing preview allows an agent to see text that a customer types before the text is submitted to the chat session. You can have Chat Server mask all digits in the typing preview by setting the typing-preview (called transcript-cleanup-typing before release 8.5.103) option to a value other than none. Chat Server then replaces all digits in the typing preview with the character specified by default-repchar (called transcript-cleanup-mask before release 8.5.103).